From 0b8c3f7fd359f76940e655eb6c4089a4e7354926 Mon Sep 17 00:00:00 2001 From: aeneasr <3372410+aeneasr@users.noreply.github.com> Date: Fri, 27 Oct 2023 11:15:41 +0200 Subject: [PATCH] chore: synchronize workspaces --- consent/csrf.go | 5 ++- flow/flow.go | 10 ++++- internal/httpclient/api/openapi.yaml | 7 +++ .../docs/AcceptOAuth2ConsentRequest.md | 36 ++++++++++++++++ .../httpclient/docs/OAuth2ConsentSession.md | 36 ++++++++++++++++ .../model_accept_o_auth2_consent_request.go | 43 +++++++++++++++++-- .../model_o_auth2_consent_session.go | 37 ++++++++++++++++ spec/api.json | 6 +++ spec/swagger.json | 6 +++ 9 files changed, 180 insertions(+), 6 deletions(-) diff --git a/consent/csrf.go b/consent/csrf.go index cd691febe9c..0a21c8e28ab 100644 --- a/consent/csrf.go +++ b/consent/csrf.go @@ -6,11 +6,12 @@ package consent import ( - "github.com/ory/hydra/v2/flow" "net/http" "strings" "time" + "github.com/ory/hydra/v2/flow" + "github.com/gorilla/sessions" "github.com/ory/fosite" @@ -19,6 +20,8 @@ import ( "github.com/ory/x/mapx" ) +// WARNING - changes in this file need to be mirrored elsewhere. + func createCsrfSession(w http.ResponseWriter, r *http.Request, conf x.CookieConfigProvider, store sessions.Store, name string, csrfValue string, maxAge time.Duration) error { // Errors can be ignored here, because we always get a session back. Error typically means that the // session doesn't exist yet. diff --git a/flow/flow.go b/flow/flow.go index 1fd5affc4f6..b926ce5db96 100644 --- a/flow/flow.go +++ b/flow/flow.go @@ -290,6 +290,11 @@ func (f *Flow) HandleLoginRequest(h *HandledLoginRequest) error { } else { f.State = FlowStateLoginUnused } + + if f.Context != nil { + f.Context = h.Context + } + f.ID = h.ID f.Subject = h.Subject f.ForceSubjectIdentifier = h.ForceSubjectIdentifier 
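Review bot: The comment added in the second consent/csrf.go hunk, `// WARNING - changes in this file need to be mirrored elsewhere.`, does not say where the mirrored copy lives, so a maintainer editing `createCsrfSession` cannot act on it. Name the counterpart explicitly, for example `// WARNING: changes in this file must be mirrored in <path of the mirrored copy>.` This file builds the CSRF session handling, so the comment should be precise enough for a reviewer to check that both copies still agree.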
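Review bot: In the flow/flow.go hunk for `HandleLoginRequest`, the new guard `if f.Context != nil` tests the destination rather than the incoming value, which looks like the wrong variable. As written, a flow whose `Context` is still nil never receives `h.Context`, and a flow that already has a context is overwritten even when `h.Context` is nil. The parallel change in `HandleConsentRequest` (hunk `@@ -394,7 +398,9 @@`) guards on the source, `if r.Context != nil`. If the same intent applies here, the line should read `if h.Context != nil {`. The old unconditional `f.Context = h.Context` is removed in the next hunk, and the function body extends outside both hunks, so please confirm against the full function and add a test for a nil and a non-nil `h.Context`.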
@@ -301,7 +306,6 @@ func (f *Flow) HandleLoginRequest(h *HandledLoginRequest) error { f.LoginExtendSessionLifespan = h.ExtendSessionLifespan f.ACR = h.ACR f.AMR = h.AMR - f.Context = h.Context f.LoginWasUsed = h.WasHandled f.LoginAuthenticatedAt = h.AuthenticatedAt return nil @@ -394,7 +398,9 @@ func (f *Flow) HandleConsentRequest(r *AcceptOAuth2ConsentRequest) error { f.ConsentHandledAt = r.HandledAt f.ConsentWasHandled = r.WasHandled f.ConsentError = r.Error - f.Context = r.Context + if r.Context != nil { + f.Context = r.Context + } if r.Session != nil { f.SessionIDToken = r.Session.IDToken diff --git a/internal/httpclient/api/openapi.yaml b/internal/httpclient/api/openapi.yaml index 4d8823c5ac1..3d7af6648d2 100644 --- a/internal/httpclient/api/openapi.yaml +++ b/internal/httpclient/api/openapi.yaml @@ -1896,6 +1896,9 @@ components: type: object acceptOAuth2ConsentRequest: properties: + context: + title: "JSONRawMessage represents a json.RawMessage that works well with\ + \ JSON, SQL, and Swagger." grant_access_token_audience: items: type: string @@ -3272,6 +3275,7 @@ components: session: access_token: "" id_token: "" + context: "" grant_access_token_audience: - grant_access_token_audience - grant_access_token_audience @@ -3283,6 +3287,9 @@ components: properties: consent_request: $ref: '#/components/schemas/oAuth2ConsentRequest' + context: + title: "JSONRawMessage represents a json.RawMessage that works well with\ + \ JSON, SQL, and Swagger." expires_at: $ref: '#/components/schemas/oAuth2ConsentSession_expires_at' grant_access_token_audience: diff --git a/internal/httpclient/docs/AcceptOAuth2ConsentRequest.md b/internal/httpclient/docs/AcceptOAuth2ConsentRequest.md index ec518b5d77d..c6284d0c66b 100644 --- a/internal/httpclient/docs/AcceptOAuth2ConsentRequest.md +++ b/internal/httpclient/docs/AcceptOAuth2ConsentRequest.md 
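Review bot: In the `HandleConsentRequest` hunk (`@@ -394,7 +398,9 @@`), the new `if r.Context != nil` guard has an undocumented effect. A consent accept that omits `context` now keeps whatever `HandleLoginRequest` stored in `f.Context`, and the consent step can no longer clear that value by sending nothing. If this carry-over is intended, state it at the guard, for example `// Keep the context stored during login unless the consent request supplies its own.` Whether a non-nil but empty value should also count as "not supplied" depends on the field's type, which is not visible in this hunk, so that case should be decided and tested. The function continues outside the hunk.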
@@ -4,6 +4,7 @@ Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- +**Context** | Pointer to **interface{}** | | [optional] **GrantAccessTokenAudience** | Pointer to **[]string** | | [optional] **GrantScope** | Pointer to **[]string** | | [optional] **HandledAt** | Pointer to **time.Time** | | [optional] @@ -30,6 +31,41 @@ NewAcceptOAuth2ConsentRequestWithDefaults instantiates a new AcceptOAuth2Consent This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set +### GetContext + +`func (o *AcceptOAuth2ConsentRequest) GetContext() interface{}` + +GetContext returns the Context field if non-nil, zero value otherwise. + +### GetContextOk + +`func (o *AcceptOAuth2ConsentRequest) GetContextOk() (*interface{}, bool)` + +GetContextOk returns a tuple with the Context field if it's non-nil, zero value otherwise +and a boolean to check if the value has been set. + +### SetContext + +`func (o *AcceptOAuth2ConsentRequest) SetContext(v interface{})` + +SetContext sets Context field to given value. + +### HasContext + +`func (o *AcceptOAuth2ConsentRequest) HasContext() bool` + +HasContext returns a boolean if a field has been set. + +### SetContextNil + +`func (o *AcceptOAuth2ConsentRequest) SetContextNil(b bool)` + + SetContextNil sets the value for Context to be an explicit nil + +### UnsetContext +`func (o *AcceptOAuth2ConsentRequest) UnsetContext()` + +UnsetContext ensures that no value is present for Context, not even an explicit nil ### GetGrantAccessTokenAudience `func (o *AcceptOAuth2ConsentRequest) GetGrantAccessTokenAudience() []string` diff --git a/internal/httpclient/docs/OAuth2ConsentSession.md b/internal/httpclient/docs/OAuth2ConsentSession.md index 732ecca2a3f..0399f2ab121 100644 --- a/internal/httpclient/docs/OAuth2ConsentSession.md +++ b/internal/httpclient/docs/OAuth2ConsentSession.md 
@@ -5,6 +5,7 @@ Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- **ConsentRequest** | Pointer to [**OAuth2ConsentRequest**](OAuth2ConsentRequest.md) | | [optional] +**Context** | Pointer to **interface{}** | | [optional] **ExpiresAt** | Pointer to [**OAuth2ConsentSessionExpiresAt**](OAuth2ConsentSessionExpiresAt.md) | | [optional] **GrantAccessTokenAudience** | Pointer to **[]string** | | [optional] **GrantScope** | Pointer to **[]string** | | [optional] @@ -57,6 +58,41 @@ SetConsentRequest sets ConsentRequest field to given value. HasConsentRequest returns a boolean if a field has been set. +### GetContext + +`func (o *OAuth2ConsentSession) GetContext() interface{}` + +GetContext returns the Context field if non-nil, zero value otherwise. + +### GetContextOk + +`func (o *OAuth2ConsentSession) GetContextOk() (*interface{}, bool)` + +GetContextOk returns a tuple with the Context field if it's non-nil, zero value otherwise +and a boolean to check if the value has been set. + +### SetContext + +`func (o *OAuth2ConsentSession) SetContext(v interface{})` + +SetContext sets Context field to given value. + +### HasContext + +`func (o *OAuth2ConsentSession) HasContext() bool` + +HasContext returns a boolean if a field has been set. + +### SetContextNil + +`func (o *OAuth2ConsentSession) SetContextNil(b bool)` + + SetContextNil sets the value for Context to be an explicit nil + +### UnsetContext +`func (o *OAuth2ConsentSession) UnsetContext()` + +UnsetContext ensures that no value is present for Context, not even an explicit nil ### GetExpiresAt `func (o *OAuth2ConsentSession) GetExpiresAt() OAuth2ConsentSessionExpiresAt` diff --git a/internal/httpclient/model_accept_o_auth2_consent_request.go b/internal/httpclient/model_accept_o_auth2_consent_request.go index 11d6459acfd..04f0d9734b4 100644 --- a/internal/httpclient/model_accept_o_auth2_consent_request.go +++ b/internal/httpclient/model_accept_o_auth2_consent_request.go 
@@ -18,9 +18,10 @@ import ( // AcceptOAuth2ConsentRequest struct for AcceptOAuth2ConsentRequest type AcceptOAuth2ConsentRequest struct { - GrantAccessTokenAudience []string `json:"grant_access_token_audience,omitempty"` - GrantScope []string `json:"grant_scope,omitempty"` - HandledAt *time.Time `json:"handled_at,omitempty"` + Context interface{} `json:"context,omitempty"` + GrantAccessTokenAudience []string `json:"grant_access_token_audience,omitempty"` + GrantScope []string `json:"grant_scope,omitempty"` + HandledAt *time.Time `json:"handled_at,omitempty"` // Remember, if set to true, tells ORY Hydra to remember this consent authorization and reuse it if the same client asks the same user for the same, or a subset of, scope. Remember *bool `json:"remember,omitempty"` // RememberFor sets how long the consent authorization should be remembered for in seconds. If set to `0`, the authorization will be remembered indefinitely. 
@@ -45,6 +46,39 @@ func NewAcceptOAuth2ConsentRequestWithDefaults() *AcceptOAuth2ConsentRequest { return &this } +// GetContext returns the Context field value if set, zero value otherwise (both if not set or set to explicit null). +func (o *AcceptOAuth2ConsentRequest) GetContext() interface{} { + if o == nil { + var ret interface{} + return ret + } + return o.Context +} + +// GetContextOk returns a tuple with the Context field value if set, nil otherwise +// and a boolean to check if the value has been set. +// NOTE: If the value is an explicit nil, `nil, true` will be returned +func (o *AcceptOAuth2ConsentRequest) GetContextOk() (*interface{}, bool) { + if o == nil || o.Context == nil { + return nil, false + } + return &o.Context, true +} + +// HasContext returns a boolean if a field has been set. +func (o *AcceptOAuth2ConsentRequest) HasContext() bool { + if o != nil && o.Context != nil { + return true + } + + return false +} + +// SetContext gets a reference to the given interface{} and assigns it to the Context field. +func (o *AcceptOAuth2ConsentRequest) SetContext(v interface{}) { + o.Context = v +} + // GetGrantAccessTokenAudience returns the GrantAccessTokenAudience field value if set, zero value otherwise. func (o *AcceptOAuth2ConsentRequest) GetGrantAccessTokenAudience() []string { if o == nil || o.GrantAccessTokenAudience == nil { @@ -239,6 +273,9 @@ func (o *AcceptOAuth2ConsentRequest) SetSession(v AcceptOAuth2ConsentRequestSess func (o AcceptOAuth2ConsentRequest) MarshalJSON() ([]byte, error) { toSerialize := map[string]interface{}{} + if o.Context != nil { + toSerialize["context"] = o.Context + } if o.GrantAccessTokenAudience != nil { toSerialize["grant_access_token_audience"] = o.GrantAccessTokenAudience } diff --git a/internal/httpclient/model_o_auth2_consent_session.go b/internal/httpclient/model_o_auth2_consent_session.go index 10d5e797cc5..f50c7ec6754 100644 --- a/internal/httpclient/model_o_auth2_consent_session.go 
+++ b/internal/httpclient/model_o_auth2_consent_session.go @@ -19,6 +19,7 @@ import ( // OAuth2ConsentSession A completed OAuth 2.0 Consent Session. type OAuth2ConsentSession struct { ConsentRequest *OAuth2ConsentRequest `json:"consent_request,omitempty"` + Context interface{} `json:"context,omitempty"` ExpiresAt *OAuth2ConsentSessionExpiresAt `json:"expires_at,omitempty"` GrantAccessTokenAudience []string `json:"grant_access_token_audience,omitempty"` GrantScope []string `json:"grant_scope,omitempty"` @@ -79,6 +80,39 @@ func (o *OAuth2ConsentSession) SetConsentRequest(v OAuth2ConsentRequest) { o.ConsentRequest = &v } +// GetContext returns the Context field value if set, zero value otherwise (both if not set or set to explicit null). +func (o *OAuth2ConsentSession) GetContext() interface{} { + if o == nil { + var ret interface{} + return ret + } + return o.Context +} + +// GetContextOk returns a tuple with the Context field value if set, nil otherwise +// and a boolean to check if the value has been set. +// NOTE: If the value is an explicit nil, `nil, true` will be returned +func (o *OAuth2ConsentSession) GetContextOk() (*interface{}, bool) { + if o == nil || o.Context == nil { + return nil, false + } + return &o.Context, true +} + +// HasContext returns a boolean if a field has been set. +func (o *OAuth2ConsentSession) HasContext() bool { + if o != nil && o.Context != nil { + return true + } + + return false +} + +// SetContext gets a reference to the given interface{} and assigns it to the Context field. +func (o *OAuth2ConsentSession) SetContext(v interface{}) { + o.Context = v +} + // GetExpiresAt returns the ExpiresAt field value if set, zero value otherwise. func (o *OAuth2ConsentSession) GetExpiresAt() OAuth2ConsentSessionExpiresAt { if o == nil || o.ExpiresAt == nil { 
@@ -308,6 +342,9 @@ func (o OAuth2ConsentSession) MarshalJSON() ([]byte, error) { if o.ConsentRequest != nil { toSerialize["consent_request"] = o.ConsentRequest } + if o.Context != nil { + toSerialize["context"] = o.Context + } if o.ExpiresAt != nil { toSerialize["expires_at"] = o.ExpiresAt } diff --git a/spec/api.json b/spec/api.json index da714ba54dc..1e313e08fc7 100644 --- a/spec/api.json +++ b/spec/api.json @@ -150,6 +150,9 @@ }, "acceptOAuth2ConsentRequest": { "properties": { + "context": { + "$ref": "#/components/schemas/JSONRawMessage" + }, "grant_access_token_audience": { "$ref": "#/components/schemas/StringSliceJSONFormat" }, @@ -914,6 +917,9 @@ "consent_request": { "$ref": "#/components/schemas/oAuth2ConsentRequest" }, + "context": { + "$ref": "#/components/schemas/JSONRawMessage" + }, "expires_at": { "properties": { "access_token": { diff --git a/spec/swagger.json b/spec/swagger.json index 8ff1115b755..2cbf535b0d7 100755 --- a/spec/swagger.json +++ b/spec/swagger.json @@ -2173,6 +2173,9 @@ "type": "object", "title": "The request payload used to accept a consent request.", "properties": { + "context": { + "$ref": "#/definitions/JSONRawMessage" + }, "grant_access_token_audience": { "$ref": "#/definitions/StringSliceJSONFormat" }, @@ -2934,6 +2937,9 @@ "consent_request": { "$ref": "#/definitions/oAuth2ConsentRequest" }, + "context": { + "$ref": "#/definitions/JSONRawMessage" + }, "grant_access_token_audience": { "$ref": "#/definitions/StringSliceJSONFormat" },